Skip to main content

Privacy warning: Internet of Things can help 'offline' criminals

The billions of interconnected devices, which Britain expects by 2020, could be an invaluable tool in the hands of 'offline' criminals, a new study suggests.

The main reason behind this claim is the fact that these devices are not designed with privacy or data security in mind.

A new report by application security company Veracode suggests that the combination of connected devices, the IoT and cloud software services leads to vulnerabilities that can help crooks in both cyber and physical crimes.

"Businesses are increasingly being breached by attackers via vulnerable web-facing assets; what is there to keep the same from happening to consumers? The short answer is nothing," claimed the Veracode paper, entitled Internet of Things: Security Research Study.

"Already, broad-reaching hacks of connected devices have been recorded and will continue to happen if manufacturers do not bolster their security efforts now," it added.

One of the examples mentioned was when Russians enabled people to watch CCTV cameras, live streams from insecure cameras and baby monitors. Last time people were just watching, but there's really nothing stopping individuals from using that information for theft. If they know when someone's not home, they know when they can break inside and take whatever they want.

Microphones can also be used to steal private information and use it for blackmailing.

"It's hard to not be excited about what the Internet of Things has enabled and will bring in the future, although that doesn't mean cyber security should be sacrificed in the process," said Brandon Creighton, Veracode security research architect.

If they want to make IoT a success, developers need to focus on security and data privacy.

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.